PFSense Firewall Group purchase interest


    Good news Wayne!!

    Going to add a PFSense VLAN configuration section above in the DIY. Do you mind if I use your stuff? Will do a step by step with pictures above. Going baby steps above doing the DIY.

    Once you have the PFBlocker running it will Geo Block much of the nefarious stuff for you automatically.

    Here I would like to pin hole a telnet / ssh connection from the main LAN to the secondary ISP connection to manage the modem. By default all traffic routes through the primary modem unless there is a failure then goes to the secondary modem. The firewall rules use a configured alias that works with whatever router is being utilized. I have tried a couple of times and have never been able to get it to work. That and the secondary modem is a cellular combo AP, Network, Firewall and telephone line so the IP I connect to is in a DMZ on the cellular modem.
    Last edited by Pete; September 8, 2017, 01:22 PM.
    - Pete

    Auto mator
    Homeseer 3 Pro - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e 64 bit Intel Haswell CPU 16Gb
    Homeseer Zee2 (Lite) - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e - CherryTrail x5-Z8350 BeeLink 4Gb BT3 Pro
    HS4 Lite - Ubuntu 22.04 / Lenovo Tiny M900 / 32Gb Ram

    HS4 Pro - V4.1.18.1 - Ubuntu 22.04 / Lenovo Tiny M900 / 32Gb Ram
    HSTouch on Intel tabletop tablets (Jogglers) - Asus AIO - Windows 11

    X10, UPB, Zigbee, ZWave and Wifi MQTT automation-Tasmota-Espurna. OmniPro 2, Russound zoned audio, Alexa, Cheaper RFID, W800 and Home Assistant



      Good thread on Qotom hardware

      On the pfSense forum I found a thread that had gobs of info on the Qotom hardware. It starts kind of negative but keep reading. 10 pages of good info. For reasons you will see as you read the thread, they basically consolidated all the Qotom discussions to one thread so it is a great resource whether you already own one or are considering the purchase of one.

      https://forum.pfsense.org/index.php?topic=132528.0



        Originally posted by Pete
        Good news Wayne!!

        Going to add a PFSense VLAN configuration section above in the DIY. Do you mind if I use your stuff? Will do a step by step with pictures above. Going baby steps above doing the DIY.

        Once you have the PFBlocker running it will Geo Block much of the nefarious stuff for you automatically.

        Here I would like to pin hole a telnet / ssh connection from the main LAN to the secondary ISP connection to manage the modem. By default all traffic routes through the primary modem unless there is a failure then goes to the secondary modem. The firewall rules use a configured alias that works with whatever router is being utilized. I have tried a couple of times and have never been able to get it to work. That and the secondary modem is a cellular combo AP, Network, Firewall and telephone line so the IP I connect to is in a DMZ on the cellular modem.


        Sure Pete. If you need me to get you details and screen shots, let me know.



          Thank you Wayne.

          Here to get screen shots I have been disabling and clearing stuff. This gets me remembering what it is I did. I have reset my PFSense basic configuration a few times now just to get these screen shots. That said doing the DIY above breaking it down to commonly utilized options et al.
          - Pete



            Going to add another section above in the DIY. By default here have always installed the Squid plugin.

            Squid is a caching and forwarding HTTP web proxy. It has a wide variety of uses, including speeding up a web server by caching repeated requests, caching web, DNS and other computer network lookups for a group of people sharing network resources, and aiding security by filtering traffic. Although primarily used for HTTP and FTP, Squid includes limited support for several other protocols including Internet Gopher, SSL, TLS and HTTPS. Squid does not support the SOCKS protocol.

            Squid was originally designed to run as a daemon on Unix-like systems. A Windows port was maintained up to version 2.7. New versions available on Windows use the Cygwin environment. Squid is free software released under the GNU General Public License.
            - Pete



              To ALL:

              As you may remember, last weekend I was trying to get my new Qotom pfSense server working in my Exede satellite ISP network. We did not reach resolution at that time.

              I let it sit for a few days but got back to it today. Our super pfSense local guy PETE worked with me over on the pfSense forum and we got it working. Here is the pfSense thread if you are interested.

              Net is we turned off DNS Resolver and configured two external DNS servers. Might be specific to my Exede network, might not. But it does work.

              Big thanks to PETE!

              Robert



                Took me a while to get my FiOS setup configured, but seems to be working now. VOD, Widgets, Caller ID, Remote DVR all working well. The only thing I haven't got working yet is the remote control within the FiOS Mobile app. Not a big deal as we rarely use it, but I may try and figure it out at some point.

                Playing with pfBlocker now. Basics up and running already. Beginning to see the benefits of address reservation vs static IP. I have always used a combination, preferring static on the device if possible. But given that DNS is more easily managed with address reservation, I have now set most devices with reserved addresses in pfSense. Just need to switch all my devices over now!
                cheeryfool



                  Is there a timeline (even a loose one) on this group buy?



                    Before Christmas?

                    Prices are dropping on the J1900's where I could probably do a group purchase including shipping for a bit under $100 now. (did get a price already for this).

                    Waiting here on new wares using the new old Skylake new ARK SoC (Atom)...call the new Intel Atom a baby i9 series Intel chip ....
                    - Pete



                      I just got my QOTOM machine and am getting ready to set up pfsense.

                      What is the best way to connect it to my existing network to set it all up (DHCP reservation, port forwarding, etc.) and then, once complete, swap it out with my existing ASUS router?

                      I am looking to cause very little interference with internet at home.
                      Cheers,
                      Bob


                        Originally posted by Blade
                        I just got my QOTOM machine and am getting ready to set up pfsense.

                        What is the best way to connect it to my existing network to set it all up (DHCP reservation, port forwarding, etc.) and then, once complete, swap it out with my existing ASUS router?

                        I am looking to cause very little interference with internet at home.
                        Bob
                        I gave mine a fixed IP initially and put it on my existing LAN. Browsed to the web UI and configured most things there. All the basic stuff is quick and it's fairly well locked down from the get-go. I took screenshots of all my DHCP reservations and forwarded ports from the existing hardware after previously cleaning that up as much as possible. I had more issues with browser caches giving me back the login screen for the old router, even when the new one was in play, than I did with the config itself. You might consider using a different network for the Qotom to solve for that.

                        I had far more challenges re-configuring my existing FiOS all-in-one box to be part of a distinct DMZ. For that I had to cable it directly to a laptop on a different network - hopefully you don't need that.

                        Also, save your configs out OFTEN as you make changes, both on the Qotom and on your old router, so that you have a baseline to go back to if needed.

                        I actually messed mine up when trying to do the FiOS bit and ended up restoring the FiOS router for a day, until I had another window alone in the house.

                        With my FiOS setup I followed an online suggestion to clone the MAC from their router to the WAN port of the Qotom. I don't think that's a problem with many ISPs but FiOS seems to expect a known MAC and somebody else spent hours trying to solve that with FiOS support and eventually gave up and cloned the MAC.

                        Once I was up and running, it became much easier to start adding the additional features/packages via the UI with very little downtime. Again, take a config export before every incremental change - not that I need to tell YOU to do that!
                        cheeryfool



                          Originally posted by Blade
                          I just got my QOTOM machine and am getting ready to set up pfsense.

                          What is the best way to connect it to my existing network to set it all up (DHCP reservation, port forwarding, etc.) and then, once complete, swap it out with my existing ASUS router?

                          I am looking to cause very little interference with internet at home.
                          As you may have read, I had a real tough time at first. Now I'm in pretty good shape.

                          The thing that really saved my bacon several times was that I had made a bootable thumb drive that would reload the Qotom machine from scratch. I downloaded the right image from the pfsense site and then used rufus to create the drive. I must have reloaded the qotom machine 10 times before I got things right. It somewhat empowered me to try things since I knew I could get back to the start. And I got pretty good at getting back to a known working point after the reload. I highly recommend this tool.



                            Originally posted by logbuilder
                            As you may have read, I had a real tough time at first. Now I'm in pretty good shape.

                            The thing that really saved my bacon several times was that I had made a bootable thumb drive that would reload the Qotom machine from scratch. I downloaded the right image from the pfsense site and then used rufus to create the drive. I must have reloaded the qotom machine 10 times before I got things right. It somewhat empowered me to try things since I knew I could get back to the start. And I got pretty good at getting back to a known working point after the reload. I highly recommend this tool.
                            Are there some instructions on how to do this? I have a feeling I will need them.
                            Cheers,
                            Bob


                              Originally posted by logbuilder
                              As you may have read, I had a real tough time at first. Now I'm in pretty good shape.

                              The thing that really saved my bacon several times was that I had made a bootable thumb drive that would reload the Qotom machine from scratch. I downloaded the right image from the pfsense site and then used rufus to create the drive. I must have reloaded the qotom machine 10 times before I got things right. It somewhat empowered me to try things since I knew I could get back to the start. And I got pretty good at getting back to a known working point after the reload. I highly recommend this tool.
                              I didn't find that necessary and used the export/import tool instead. There's also a software factory reset available from the UI which I imagine should do the same as a clean install - though I didn't try it.
                              cheeryfool



                                The learning curve is a bit steep at first, but once you figure out what is what, it gets much easier.

                                I remember when I first dove into the settings, a lot of it didn't make sense and I felt like a fish out of water (I was also trying to send all outgoing traffic through a VPN, which complicated it much further).

                                Now it all seems so easy and everything makes sense.

                                There are plenty of guides available online for most things pfsense. I piecemealed from various guides initially, and once I figured it out, I simplified the settings.
